<?php
/**
 * @author silenus
 * 粗加工一次,
 * 动态充许上传类型
 * 自定义保存路径
 * 向数据库写入信息
 * @lastedit 2012年8月7日13:28:05
 */
require_once (HOME . '/include/base/BackendController.php');
class upload extends BackendController {
	private $file;
	/**
	 * 文件保存的路径
	 */
	private $base_save_path;
	private $mod_data;
	function __construct() {
		parent::__construct ();
	}
	function upload() {
		$this->save_path = HOME . '/data/files';
		$this->mod_data = spClass ( 'm_data' );
		$this->upload ();
	}
	// ///////////////////////
	function index() {
		// TODO 显示上传页面 基本上是ajax 请求出来的
		// TODO 获取请求参数,
	}
	
	/**
	 * 上传文件处理程序
	 * 处理的上传为swfupload
	 */
	function handle() {
		$POST_MAX_SIZE = ini_get ( 'post_max_size' );
		$unit = strtoupper ( substr ( $POST_MAX_SIZE, - 1 ) );
		$multiplier = ($unit == 'M' ? 1048576 : ($unit == 'K' ? 1024 : ($unit == 'G' ? 1073741824 : 1)));
		
		if (( int ) $_SERVER ['CONTENT_LENGTH'] > $multiplier * ( int ) $POST_MAX_SIZE && $POST_MAX_SIZE) {
			header ( "HTTP/1.1 500 Internal Server Error" ); // This will trigger an
			                                              // uploadError event in
			                                              // SWFUpload
			echo "POST exceeded maximum allowed size.";
			exit ( 0 );
		}
		
		$save_path = $this->base_save_path; // The path were we will save the file
		                                    // (getcwd() may not be reliable and
		                                    // should be tested in your environment)
		$upload_name = "Filedata";
		$max_file_size_in_bytes = 2147483647; // 2GB in bytes
		$extension_whitelist = array (
				"jpg",
				"gif",
				"png" 
		); // Allowed file
		                                                   // extensions
		$valid_chars_regex = '.A-Z0-9_ !@#$%^&()+={}\[\]\',~`-'; // Characters
		                                                         // allowed in the
		                                                         // file name (in a
		                                                         // Regular Expression
		                                                         // format)
		
		$MAX_FILENAME_LENGTH = 260;
		$file_name = "";
		$file_extension = "";
		$uploadErrors = array (
				0 => "There is no error, the file uploaded with success",
				1 => "The uploaded file exceeds the upload_max_filesize directive in php.ini",
				2 => "The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form",
				3 => "The uploaded file was only partially uploaded",
				4 => "No file was uploaded",
				6 => "Missing a temporary folder" 
		);
		
		if (! isset ( $_FILES [$upload_name] )) {
			$this->HandleError ( "No upload found in \$_FILES for " . $upload_name );
			exit ( 0 );
		} else if (isset ( $_FILES [$upload_name] ["error"] ) && $_FILES [$upload_name] ["error"] != 0) {
			$this->HandleError ( $uploadErrors [$_FILES [$upload_name] ["error"]] );
			exit ( 0 );
		} else if (! isset ( $_FILES [$upload_name] ["tmp_name"] ) || ! @is_uploaded_file ( $_FILES [$upload_name] ["tmp_name"] )) {
			$this->HandleError ( "Upload failed is_uploaded_file test." );
			exit ( 0 );
		} else if (! isset ( $_FILES [$upload_name] ['name'] )) {
			$this->HandleError ( "File has no name." );
			exit ( 0 );
		}
		
		$file_size = @filesize ( $_FILES [$upload_name] ["tmp_name"] );
		if (! $file_size || $file_size > $max_file_size_in_bytes) {
			$this->HandleError ( "File exceeds the maximum allowed size" );
			exit ( 0 );
		}
		
		if ($file_size <= 0) {
			$this->HandleError ( "File size outside allowed lower bound" );
			exit ( 0 );
		}
		
		// Validate file name (for our purposes we'll just remove invalid
		// characters)
		$file_name = preg_replace ( '/[^' . $valid_chars_regex . ']|\.+$/i', "", basename ( $_FILES [$upload_name] ['name'] ) );
		if (strlen ( $file_name ) == 0 || strlen ( $file_name ) > $MAX_FILENAME_LENGTH) {
			$this->HandleError ( "Invalid file name" );
			exit ( 0 );
		}
		
		// Validate that we won't over-write an existing file
		if (file_exists ( $save_path . $file_name )) {
			$this->HandleError ( "File with this name already exists" );
			exit ( 0 );
		}
		
		// Validate file extension
		$path_info = pathinfo ( $_FILES [$upload_name] ['name'] );
		$file_extension = $path_info ["extension"];
		$is_valid_extension = false;
		foreach ( $extension_whitelist as $extension ) {
			if (strcasecmp ( $file_extension, $extension ) == 0) {
				$is_valid_extension = true;
				break;
			}
		}
		if (! $is_valid_extension) {
			$this->HandleError ( "Invalid file extension" );
			exit ( 0 );
		}
		
		if (! @move_uploaded_file ( $_FILES [$upload_name] ["tmp_name"], $save_path . $file_name )) {
			$this->HandleError ( "File could not be saved." );
			exit ( 0 );
		}
	}
	/**
	 * 保存上传文件信息到数据库
	 * 
	 * @param object $file_obj
	 *        	上传文件信息
	 */
	private function _save_info($file_obj) {
		// TODO
		spClass ( 'm_data' )->xxx ();
		$this->mod_data->xxx ();
	}
	private function _move_upload_file() {
		// TODO 删除源文件,保存新文件
	}
	private function HandleError($message) {
		echo $message;
	}
}
?>